DeerFlow

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a coherent Agent module development guide with a somewhat broad trigger, but no evidence of hidden execution, credential handling, persistence, or exfiltration.

Install this if you want Agent/acore-agent development guidance. Be aware that it may activate on generic Agent-related prompts, so review its advice for fit before applying changes to production Agent lifecycle, publishing, deletion, or permission logic.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The invocation guidance is broad enough to activate this skill for generic topics like research agents or multi-step workflows, which can cause unintended routing to a powerful orchestration skill. In the context of a super-agent harness that can coordinate sub-agents, memory, and sandboxes, overbroad triggering increases the chance of unnecessary exposure to higher-risk capabilities and confusing or unsafe tool use.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal